Acknowledgements

Download 146.24 Kb.

Page	3/8
Date	02.02.2017
Size	146.24 Kb.
	#16408

1 2 3 4 5 6 7 8

Third Party Definition
Development of Third Party Functionality

Security

SMT employs a high level of security and the services provided to SMT’s users are rooted in common information security technologies and practices to ensure that all transactions and Customer data are protected. SMT uses a wide array of tools and techniques to ensure that security is deeply ingrained in its services and associated infrastructure. SMT is susceptible to a variety of cyber security threats because it is a web portal accessible through the internet. Recognizing the variety and type of potential attacks, SMT has implemented a robust and encompassing security model. This model reflects state laws, industry-independent regulation, applicable guidelines from national organizations, and business-consistent IT security measures. Many of the security features come through a strategic partnership with the SMT solution provider that leverage their secure web technologies and capitalizes on the solution provider’s extensive industry experience. SMT employs additional mitigation measures through the use of industry standard practices, many of which are provided by the National Institute of Standards and Technology (NIST).

A detailed discussion of SMT development, functionality, and security mitigation are provided in Understanding Smart Meter Texas¹³.

Third Party Definition

A Third Party, in the context of SMT, is a service provider offering Customers, in the competitive regions of Texas, energy efficiency products and services that may use Customer smart meter usage information or In-Home Devices. The definition of Third Party includes REPs when a REP requests usage data from Customers who do not buy electricity from that REP (i.e., not the ROR). In addition, the definition of Third Party encompasses all parties, including the Customer’s ROR, who want to offer products and services related to In-Home Devices.

Development of Third Party Functionality

d.Design Process

Business Requirements related to Third Party access were included in the initial SMT Business Requirements¹⁴ but implementation of Third Party functionality was delayed until other higher priority features were delivered. A year after the initial release of SMT, the market participants began to discuss implementation of SMT Third Party functionality. As the discussions began, it became clear that many details related to Third Party access still needed to be developed and consensus needed to be reached among the market participants. The following were some of the issues identified by the market participants:

Definition of a Third Party and who is included
The level of data access (e.g., one time, defined term, open ended, etc.) granted to a Third Party
Third Party access to SMT HAN functionality
The level of oversight, if any, and the responsibility for such oversight
Documenting Customer permission (i.e., automated or manual, Customer initiated or Third Party initiated)
Relationship termination (i.e., Customer controlled or Third Party controlled)
Determine if a Third Party should be charged an access fee

e.Use Cases

To resolve these issues and to identify additional SMT Business Requirements, the market participants employed a use case-based process. A use case is a sequence of events that describes one way to use a particular system. It is a story about how a particular user of a system accomplishes a goal. The process of defining and creating use cases results in a comprehensive set of requirements because:

It’s done from the users’ point of view, so it’s easier to tell what interactions or steps are really necessary
It follows a complete path for completing a task from start to finish

Table lists additional use cases the market participants developed to refine the SMT Third Party Functionality. Developing these use cases helped to identify processes that could be incorporated in the SMT design or, in some cases, helped to uncover unnecessary complexity in certain processes and caused the market participants to search out other solutions.

Table : Third Party Use Cases

Name	Description
SMT Registered Consumer Initiates Third Party Relationship	A SMT registered Consumer intends to initiate the Third Party relationship through SMT which creates an e-mail to the SMT Production Support team
Consumer Requests Information	A Consumer requests information on existing Third-Party relationships
Consumer Terminates Third-Party Relationship	A Consumer terminates an existing Third-Party relationship
Third-Party Establishes API with SMT	A Third-Party coordinates with the SMT Production Support team to set up API access
Third-Party Requests Information on Consumer Relationships	A Third-Party requests information on their existing consumer relationships
Third-Party Accesses Consumer Data	A Third-Party accesses their consumer data from SMT via API
Third-Party Adds HAN Device	A Third-Party utilizes SMT to add a HAN Device to the Customer’s HAN.

f.Storyboards

As the Third Party discussions advanced, the stakeholders migrated to the use of a modified version of use cases called ‘storyboards’ that closely resemble a widely accepted systems development tool known as an Activity Diagram. The stakeholders favored the storyboard method because they were more suitable for presentation and group discussion. Storyboards are visual representations of a sequence of steps that are similar to a use case’s list of steps. The storyboard indicates the flow of actions and information among a set of actors. The storyboards generally include a brief set of steps in a list format and can also indicate references to other important information such as assumptions, requirements, Business Processes and interfaces (see Figure ). In addition, the storyboards include SMT web portal screen shots to display the full user interface experience. The storyboard process not only documented the steps taken to perform the activity but also recorded the corresponding assumptions and business rules for the activity.

Figure : Storyboard Example

The final set of storyboards that became the design documents for Third Party access to SMT are listed in Table .

Table : Final Storyboards for Third Party Access

Name	Description
SMT Account Registration
Third Party registers for a new SMT Account	A Third Party creates a company account and an Administrator account and approves pending user accounts and assigns users permissions.
Agreement Invitation
Third Party initiates Energy Data agreement	Third Party meets with Customer and obtains necessary information from Customer. Third Party initiates an Energy Data agreement invitation in SMT and SMT sends the invitation to the Customer’s email address.
Third Party initiates HAN Services agreement	Third Party meets with Customer and obtains necessary information from Customer. Third Party initiates a HAN Services agreement invitation in SMT and SMT sends the invitation to the Customer’s email address.
Third Party initiates HAN Device agreement	Third Party meets with Customer and obtains necessary information from Customer. Third Party initiates a HAN Device agreement invitation in SMT and SMT sends the invitation to the Customer’s email address.
Agreement Acceptance/Rejection
Customer accepts invite for Third Party agreement	Customer accepts an agreement invitation and SMT creates an agreement.
Customer rejects invite for Third Party agreement	Customer rejects the agreement and has the option to specify a reason for rejection. SMT does not create an agreement.
Agreement Management
Customer views and manages Third Party agreements	Customer views their existing Third Party Agreements and accepts, rejects, extends or terminates an agreement or removes HAN device.
Third Party views and manages Customer agreements	Third Party views their existing Customer Agreements and initiates an extension request, resends an invitation or extension request, exports meter/premise information, terminates agreement or removes HAN device.
Third Party accesses Customer energy data	Third Party selects a Customer and views or exports the energy data.
Third Party accesses Customer HAN Devices	Third Party selects a HAN device and removes the HAN device from the Customer HAN.
Reports
TDSPs and Regulatory officials view history of reports being run on Customers’ usage data	TDSP or Regulatory user selects an ESIID and views a history of reports a Third Party has run on the Customer’s usage data.

The stakeholders documented their progress toward an agreed upon Third Party functionality in various documents that were continually updated to reflect decisions made and consensus reached. One of the most difficult issues to resolve was how to document and track Customer authorizations granted to Third Parties. The stakeholders eventually settled on a process whereby agreement invitations are initiated by Third Parties and accepted or rejected by Customers. Through this agreement process SMT could document and track a Customer’s relationship with a Third Party.

Directory: content -> wcm -> key documents lists -> 27280
content -> Resolution
content -> American bar association adopted by the house of delegates
content -> Additional File 26
content -> Guide to completing the collection using the Omnibus system
content -> Management and Marketing
content -> Sigaccess annual Report
content -> Study Guide For Students Only Dress Rehearsal January 29, 2014 7: 00 pm jubilee Auditorium
content -> Benjamin Franklin: In Search of a Better World Section One
content -> Extended range forecast of atlantic seasonal hurricane activity and landfall strike probability for 2013

Download 146.24 Kb.

Share with your friends:

1 2 3 4 5 6 7 8